Microsoft Windows Unauthorized Digital Certificates Spoofing Vulnerability (2718704) Network Vulnerability

Summary

The host is installed with Microsoft Windows operating system and is prone to digital certificates spoofing vulnerability.

Impact

Successful exploitation will allow remote attackers to spoof content, perform phishing attacks or perform man-in-the-middle attacks. Impact Level: System

Solution

Apply the Patch from below link, http://technet.microsoft.com/en-us/security/advisory/2718704

Insight

The flaw is due to unauthorized digital certificates derived from a Microsoft Certificate Authority. An unauthorized certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks.

Affected

Windows 7 Service Pack 1 and prior Windows XP Service Pack 3 and prior Windows Vista Service Pack 2 and prior Windows Server 2003 Service Pack 2 and prior Windows Server 2008 Service Pack 2 and prior

References

http://securitytracker.com/id/1027114
http://support.microsoft.com/kb/2718704
http://technet.microsoft.com/en-us/security/advisory/2718704
http://www.theregister.co.uk/2012/06/04/microsoft_douses_flame/print.html

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

CA Unicenter's File Transfer Service is running
Sun Java Runtime Environment DoS
Microsoft Windows Fraudulent Digital Certificates Spoofing Vulnerability
DCE Services Enumeration
Microsoft ASP.NET Cross-Site Scripting vulnerability

Take action and discover your vulnerabilities